Health Data Breach Prevalence Could Breed Consumer Distrust, Report Finds
It’s been well established in the news that healthcare privacy breaches are becoming increasingly common. However, the cost of these breaches goes beyond the financial consequences for victims of breaches—they also impact consumer trust in healthcare as a whole, a new study warns.
Health IT experts fear that patients who are concerned about the safety of their health information may be less likely to disclose pertinent health concerns to their physicians, according to an editorial published in the Journal of the American Medical Association.
“Concerned patients may also withhold sensitive information about issues such as mental health, substance abuse, human immunodeficiency virus status, and genetic predispositions,” wrote David Blumenthal, MD, MPP, of The Commonwealth Fund, and Deven McGraw, JD, LLM, MPH, of Manatt Phelps & Phillips LLP. “Surveys suggest this may already be happening to some degree. Loss of trust in an electronic health information system could seriously undermine efforts to improve health and health care in the United States.”
To evaluate the scope and characteristics of reported breaches between 2010 and 2013, researchers combed through the Department of Health and Human Services’ online database of healthcare and included breaches affecting 500 people or more for their study. The number of breaches impacting over 500 people accounted for 82 percent of all the reported breaches in that time span.
According to the analysis of the HHS database, investigators learned that of the breaches that occurred between 2010 and 2013:
- There were 949 breaches affecting 29.1 million records
- Breaches were reported in all 50 states, and five states accounted for 34 percent of all breaches: California, Texas, Florida, New York, and Illinois
- Most of the breaches studied were perpetrated by electronic means (67 percent) as well as theft (58 percent)
- 29 percent of the breaches studied involved external vendors
“Given the rapid expansion in electronic health record deployment since 2012, as well as the expected increase in cloud-based services provided by vendors supporting predictive analytics, personal health records, health-related sensors, and gene sequencing technology, the frequency and scope of electronic health care data breaches are likely to increase,” the authors wrote. “Strategies to mitigate the risk and effect of these data breaches will be essential to ensure the well-being of patients, clinicians, and health care systems.”